SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ded1f277d9bec1f6e6ba23794c5a5a80b39aeee4.

Database Entry


SHA1 Fingerprint:ded1f277d9bec1f6e6ba23794c5a5a80b39aeee4
Certificate Common Name (CN):aclassshades.com
Issuer Distinguished Name (DN):Let's Encrypt Authority X3
TLS Version:TLS 1.2
First seen:2018-09-03 10:25:12 UTC
Last seen:2018-10-03 09:47:20 UTC
Status:Blacklisted
Listing reason:Gozi C&C
Listing date:2018-09-03 10:39:26
Malware samples:9
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-10-03 09:47:20e2ab3737dfbe5e62b370bace0aa8e580Virustotal results 8/69 (11.59%) Gozi 91.201.65.107:443
2018-10-02 12:13:5057690a834df060a749cd705a69c8953aVirustotal results 7/67 (10.45%) Gozi 91.201.65.107:443
2018-09-30 04:09:022d64db7bf25570aa4a8ddbc51b2029baVirustotal results 28/69 (40.58%) Gozi 91.201.65.107:443
2018-09-27 08:11:45581480ef5585d4d8ef810ee8e0dea1bfVirustotal results 6/68 (8.82%) Gozi 91.201.65.107:443
2018-09-25 13:23:36dc9cf1f39e5de7b69052492cea7e42d6Virustotal results 12/68 (17.65%) Gozi 91.201.65.107:443
2018-09-22 12:41:541bf6b6158016c49b7a4063518a31bf46Virustotal results 25/66 (37.88%) Gozi 91.201.65.107:443
2018-09-12 05:32:21dd5ee1b7e5e4ae6cafb7526be5e888e8Virustotal results 4/67 (5.97%) Gozi 91.201.65.107:443
2018-09-04 07:18:09279c3c5d33f4912d545c9e2f9fd9aa8aVirustotal results 12/67 (17.91%) Gozi 91.201.65.107:443
2018-09-03 10:25:12b69fa266bc385d347a7179dccd6e279eVirustotal results 6/66 (9.09%) Gozi 91.201.65.107:443

# of entries: 9 (max: 100)